SuessLabs / VsLinuxDebug

VS Extension to remotely deploy and debug your .NET (Core) C# solutions directly to your Linux or Raspberry Pi devices! .NET Core 3.1, .NET 5, 6, 7, 8, 9
https://marketplace.visualstudio.com/items?itemName=SuessLabs.VSLinuxDebugger
MIT License
38 stars 9 forks

[Enhancement] Dropping static plink and use priv key auth management by ssh client #96

Open 5andr0 opened 2 days ago

5andr0 commented 2 days ago

Thanks for this plugin! Saves sooo much time!

I think statically providing plink is bad practice. Everyone can install the official openssh client themselves (“Settings” > “Apps” > “Optional Features”), just add it to the docs. Also host key management should be done by the user's ssh client. When I first tried to run it with the default launch.json it was using plink instead of ssh (activated in the settings), which has its own knownhost key management, so I had to manually initiate a plink connection first to add the hostkey.

If you drop plink and let the ssh client manage the priv key authentication with an .ssh/config entry then you can also drop managing the priv key or password auth. You don't even have to store ip, port or user, only the ssh config Host entry alias name. Your code could be so much simpler! Like Visual Studio Code remote ssh also lets the ssh client do the auth. This is the way!


Offtopic

I'm using this for remote docker swarm developing since Windows doesn't support joining a swarm network to develop it locally. Here's my Dockerfile for anyone who's looking for container development, which I think is preferable anyway instead of installing the runtime and everything on the Linux remote host.

I had to create a user and install sudo because there was no option to disable sudo in the options for the commands you are running. Would be nice if this was optional, since sudo will cause an error in root containers.

FROM golang:1.9-stretch AS keys

WORKDIR /app
ARG SEED=s33d
RUN git clone https://github.com/cornfeedhobo/ssh-keydgen.git /app \
 && cp -r /app/vendor/* /go/src \
 && mkdir -p /go/src/github.com/cornfeedhobo/ssh-keydgen/ \
 && cp -r /app/keygen/ /go/src/github.com/cornfeedhobo/ssh-keydgen/ \
 && cp -r /app/slowseeder/ /go/src/github.com/cornfeedhobo/ssh-keydgen/ \
 && mkdir /keys \
#forcing char device to fix "Reader seed not set"
 && sed -i 's/os.ModeCharDevice/0xFF/g' main.go \
 && go run main.go -t rsa -b 3072 -f /keys/ssh_host_rsa_key --as $SEED -a 2 \
 && go run main.go -t ed25519 -b 256 -f /keys/ssh_host_ed25519_key --as $SEED -a 2 \
 && go run main.go -t ecdsa -b 256 -f /keys/ssh_host_ecdsa_key --as $SEED -a 2 \
 && chmod 644 /keys/ssh_host_rsa_key.pub /keys/ssh_host_ed25519_key.pub /keys/ssh_host_ecdsa_key.pub

FROM mcr.microsoft.com/dotnet/sdk:9.0 AS final

ARG UID=1000
ARG GID=1000
ARG ASP_PORT=80
#ARG PASSWORD=r4nd0m

EXPOSE 22
EXPOSE $ASP_PORT

RUN apt-get update -y && \
  apt-get install -y less curl unzip sudo openssh-server

# groupmod -g takes the group id, usermod -u takes the user id
RUN groupmod -g $GID app \
 && usermod -aG sudo \
 #-p $(openssl passwd -6 $PASSWORD) \
            -u $UID app \
 && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
 && mkdir /var/run/sshd

COPY --from=keys /keys /etc/ssh

WORKDIR /home/app
COPY keys/* .android/
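# curl runs without -k so the TLS certificate is verified before the script is piped into bash;
# -f makes curl fail on an HTTP error instead of handing an error page to bash
RUN mkdir .ssh \
 && mkdir -p .vs-debugger/vs2022 \
 && curl -fsSL https://aka.ms/getvsdbgsh | bash /dev/stdin -v latest -l .vs-debugger/vs2022 \
 && chown -R app:app /home/app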

ADD --chown=app:app authorized_keys .ssh
RUN chmod 644 .ssh/authorized_keys \
 && chmod 700 .ssh

ENV APP_UID=$UID
ENV ASPNETCORE_HTTP_PORTS=$ASP_PORT
# .NET env vars and custom docker env vars need to be sourced in sshd
RUN echo \
    "#!/bin/sh\n" \
    "env | sed -e '/^HOME=/d' -e 's/^/export /g' >> /etc/profile.d/customenv.sh\n" \
    "chmod +x /etc/profile.d/customenv.sh\n" \
    'exec "$@"' \
 >> /entrypoint.sh \
 && chmod +x /entrypoint.sh

ENTRYPOINT ["/entrypoint.sh"]
CMD ["/usr/sbin/sshd", "-D"]

I wanted persistent host keys, so I opted to create them deterministically from a seed, which should be fine for a dev environment. Alternatively just mount your keys.

Feel free to add this Dockerfile to the docs.
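
The setup proposed in this comment, as an added example that is not part of the original post or of the extension's code: two POSIX shell functions that emit a pinned known_hosts entry for the container's persistent host key and the matching ~/.ssh/config stanza, so a tool only needs the Host alias. The alias swarm-dev, the address 192.0.2.10, port 2222, user app and the public key are constructed sample values.

```shell
#!/bin/sh
# Added example, not the extension's code. Alias, address, port, user and
# key below are constructed samples.

# known_hosts_line HOST PORT PUBKEY_FILE
# OpenSSH stores hosts on a non-default port as "[host]:port".
known_hosts_line() {
    host=$1 port=$2 pubkey_file=$3
    keytype= keydata=
    # A .pub file is "<type> <base64> [comment]"; the comment is dropped.
    # read returns non-zero when the last line lacks a newline but still sets the variables.
    read -r keytype keydata _comment < "$pubkey_file" || true
    [ -n "$keydata" ] || { echo "no public key in $pubkey_file" >&2; return 1; }
    if [ "$port" = 22 ]; then
        printf '%s %s %s\n' "$host" "$keytype" "$keydata"
    else
        printf '[%s]:%s %s %s\n' "$host" "$port" "$keytype" "$keydata"
    fi
}

# ssh_config_stanza ALIAS HOST PORT USER IDENTITY_FILE
# StrictHostKeyChecking yes refuses hosts whose key is not already pinned.
ssh_config_stanza() {
    printf 'Host %s\n' "$1"
    printf '    HostName %s\n' "$2"
    printf '    Port %s\n' "$3"
    printf '    User %s\n' "$4"
    printf '    IdentityFile %s\n' "$5"
    printf '    IdentitiesOnly yes\n'
    printf '    StrictHostKeyChecking yes\n'
}

# Demo with a constructed, non-functional public key.
demo_pub=$(mktemp)
printf 'ssh-ed25519 AAAAC3ConstructedSampleKeyNotReal app@dev\n' > "$demo_pub"
known_hosts_line 192.0.2.10 2222 "$demo_pub"   # line for ~/.ssh/known_hosts
ssh_config_stanza swarm-dev 192.0.2.10 2222 app '~/.ssh/id_ed25519'   # stanza for ~/.ssh/config
rm -f "$demo_pub"
```

With both outputs appended to the respective files, `ssh swarm-dev` connects without a trust-on-first-use prompt and fails if the container presents a different host key.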

DamianSuess commented 2 days ago

Thank you for the suggestions, Sandro. Admittedly, in the beginning I added the plink executable to quickly support those who may not have it installed. Yes, this does go against my own beliefs of "no executable files in source control".

In the future, this will be removed in favor of a more flexible solution.

5andr0 commented 1 day ago

I understand, but installing openssh client is really just a few clicks. Also your plink won't run on arm for people who use Surface laptops. Sometimes too many options is bad for user experience. I got confused as well with all the plink options there. It would be so much simpler to just supply an ssh connection string user@host or even just host.

I had a problem where the launch builder didn't recognize when I set UseSSHExeEnabled to true, so it kept using plink. A restart of vs helped. Since then I couldn't reproduce the problem, might be a VS preview issue.

I use a custom port for ssh, which doesn't work with the launch builder, because it doesn't add the port info in the plink command. You should add it as -P $port for plink. When I use ssh, I can set the port in the .ssh/config.

A GitHub action would be nice to build the whole thing and release it on GitHub + publish it on the marketplace. I wasn't able to use the build.ps1 script because my vs2022 preview vswhere.exe returned nothing for -property InstallationPath.

The docs need an entry on how to set hotkeys. Your plugin's commands are listed as LinuxDebugger.* in the hotkey settings. UPDATE: Can you please implement a check to block multiple deploy commands after one deploy action has started and the debugging is still running? Holding down a key for just a millisecond too long sends too many inputs and starts deploy a million times.

I wish I had time to help you out and contribute, but I don't even have time to sleep right now 😂